CVE-2025-6068

Name of the Vulnerable Software and Affected Versions: FooGallery – Responsive Photo Gallery, Image Viewer, Justified, Masonry & Carousel plugin for WordPress versions through 2.4.31

Description: The FooGallery plugin for WordPress is susceptible to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attackers with Contributor-level access or higher to inject arbitrary web scripts into pages. These scripts will execute when a user accesses the affected page.

Recommendations: Update the FooGallery plugin to a version later than 2.4.31.